# JWT 登录系统 API 测试脚本
# 使用方法: 先启动应用 (mvn spring-boot:run)，然后在新终端运行此脚本

$baseUrl = "http://localhost:8080"

Write-Host "======================================" -ForegroundColor Cyan
Write-Host "   Spring Boot JWT 登录系统测试" -ForegroundColor Cyan
Write-Host "======================================" -ForegroundColor Cyan

# 测试 1: 公开接口
Write-Host "`n【测试 1】访问公开接口 /auth/welcome" -ForegroundColor Green
Write-Host "预期: 返回欢迎信息，无需认证" -ForegroundColor Yellow
try {
    $response = Invoke-RestMethod -Uri "$baseUrl/auth/welcome" -Method Get
    Write-Host "✅ 成功: $response" -ForegroundColor Green
} catch {
    Write-Host "❌ 失败: $($_.Exception.Message)" -ForegroundColor Red
}

# 测试 2: Admin 用户登录
Write-Host "`n【测试 2】Admin 用户登录" -ForegroundColor Green
Write-Host "用户名: admin, 密码: 123456" -ForegroundColor Yellow
try {
    $adminBody = @{
        username = "admin"
        password = "123456"
    } | ConvertTo-Json

    $adminToken = Invoke-RestMethod -Uri "$baseUrl/auth/login" `
        -Method Post `
        -ContentType "application/json" `
        -Body $adminBody
    
    Write-Host "✅ 成功获取 Admin Token:" -ForegroundColor Green
    Write-Host $adminToken -ForegroundColor Cyan
    Write-Host ""
} catch {
    Write-Host "❌ 登录失败: $($_.Exception.Message)" -ForegroundColor Red
    exit
}

# 测试 3: User 用户登录
Write-Host "`n【测试 3】普通用户登录" -ForegroundColor Green
Write-Host "用户名: user, 密码: 123456" -ForegroundColor Yellow
try {
    $userBody = @{
        username = "user"
        password = "123456"
    } | ConvertTo-Json

    $userToken = Invoke-RestMethod -Uri "$baseUrl/auth/login" `
        -Method Post `
        -ContentType "application/json" `
        -Body $userBody
    
    Write-Host "✅ 成功获取 User Token:" -ForegroundColor Green
    Write-Host $userToken -ForegroundColor Cyan
    Write-Host ""
} catch {
    Write-Host "❌ 登录失败: $($_.Exception.Message)" -ForegroundColor Red
}

# 测试 4: 无 Token 访问受保护接口（应该失败）
Write-Host "`n【测试 4】无 Token 访问受保护接口（预期失败）" -ForegroundColor Green
try {
    $response = Invoke-RestMethod -Uri "$baseUrl/auth/user/profile" -Method Get
    Write-Host "❌ 意外成功: $response" -ForegroundColor Red
} catch {
    Write-Host "✅ 如预期被拒绝: $($_.Exception.Response.StatusCode)" -ForegroundColor Green
}

# 测试 5: 使用 Admin Token 访问用户接口
Write-Host "`n【测试 5】使用 Admin Token 访问用户接口" -ForegroundColor Green
try {
    $headers = @{
        "Authorization" = "Bearer $adminToken"
    }
    $response = Invoke-RestMethod -Uri "$baseUrl/auth/user/profile" `
        -Method Get `
        -Headers $headers
    
    Write-Host "✅ 成功: $response" -ForegroundColor Green
} catch {
    Write-Host "❌ 失败: $($_.Exception.Message)" -ForegroundColor Red
}

# 测试 6: 使用 Admin Token 访问管理员接口
Write-Host "`n【测试 6】使用 Admin Token 访问管理员接口" -ForegroundColor Green
try {
    $headers = @{
        "Authorization" = "Bearer $adminToken"
    }
    $response = Invoke-RestMethod -Uri "$baseUrl/auth/admin/data" `
        -Method Get `
        -Headers $headers
    
    Write-Host "✅ 成功: $response" -ForegroundColor Green
} catch {
    Write-Host "❌ 失败: $($_.Exception.Message)" -ForegroundColor Red
}

# 测试 7: 使用 User Token 访问用户接口
Write-Host "`n【测试 7】使用 User Token 访问用户接口" -ForegroundColor Green
try {
    $headers = @{
        "Authorization" = "Bearer $userToken"
    }
    $response = Invoke-RestMethod -Uri "$baseUrl/auth/user/profile" `
        -Method Get `
        -Headers $headers
    
    Write-Host "✅ 成功: $response" -ForegroundColor Green
} catch {
    Write-Host "❌ 失败: $($_.Exception.Message)" -ForegroundColor Red
}

# 测试 8: 使用 User Token 访问管理员接口（应该失败）
Write-Host "`n【测试 8】使用 User Token 访问管理员接口（预期失败）" -ForegroundColor Green
try {
    $headers = @{
        "Authorization" = "Bearer $userToken"
    }
    $response = Invoke-RestMethod -Uri "$baseUrl/auth/admin/data" `
        -Method Get `
        -Headers $headers
    
    Write-Host "❌ 意外成功: $response" -ForegroundColor Red
} catch {
    Write-Host "✅ 如预期被拒绝 (403 Forbidden): 普通用户无 ADMIN 权限" -ForegroundColor Green
}

# 测试 9: 错误密码登录（应该失败）
Write-Host "`n【测试 9】使用错误密码登录（预期失败）" -ForegroundColor Green
try {
    $wrongBody = @{
        username = "admin"
        password = "wrong_password"
    } | ConvertTo-Json

    $response = Invoke-RestMethod -Uri "$baseUrl/auth/login" `
        -Method Post `
        -ContentType "application/json" `
        -Body $wrongBody
    
    Write-Host "❌ 意外成功: $response" -ForegroundColor Red
} catch {
    Write-Host "✅ 如预期登录失败: 密码错误" -ForegroundColor Green
}

Write-Host "`n======================================" -ForegroundColor Cyan
Write-Host "           测试完成！" -ForegroundColor Cyan
Write-Host "======================================" -ForegroundColor Cyan

Write-Host "`n提示: 您可以将 Token 复制到 Postman 或其他工具中继续测试" -ForegroundColor Yellow
